Provide a "nosnp" kernel command line option to prevent enabling of the RMP
and SEV-SNP features in the host/hypervisor. Not initializing the RMP
removes system overhead associated with RMP checks.
[ bp: Actually make it a HV-only cmdline option. ]
Co-developed-by: Eric Van Tassell <Eric.VanTassell@amd.com>
Signed-off-by: Eric Van Tassell <Eric.VanTassell@amd.com>
Signed-off-by: Pavan Kumar Paluri <papaluri@amd.com>
Signed-off-by: Borislav Petkov (AMD) <bp@alien8.de>
Reviewed-by: Tom Lendacky <thomas.lendacky@amd.com>
Link: https://lore.kernel.org/r/20241014130948.1476946-3-papaluri@amd.com
debug
Enable debug messages.
+
+ nosnp
+ Do not enable SEV-SNP (applies to host/hypervisor only). Setting
+ 'nosnp' avoids the RMP check overhead in memory accesses when
+ users do not want to run SEV-SNP guests.
#include <linux/string.h>
#include <linux/printk.h>
#include <linux/cache.h>
+#include <linux/cpufeature.h>
#include <asm/sev-common.h>
continue;
}
+ if (!strcmp(s, "nosnp")) {
+ if (!cpu_feature_enabled(X86_FEATURE_HYPERVISOR)) {
+ setup_clear_cpu_cap(X86_FEATURE_SEV_SNP);
+ cc_platform_clear(CC_ATTR_HOST_SEV_SNP);
+ continue;
+ } else {
+ goto warn;
+ }
+ }
+
+warn:
pr_info("SEV command-line option '%s' was not recognized\n", s);
}
projects / linux-block.git / commitdiff